There are lots of ways to hack a PC. You can exploit software vulnerabilities. You can put malware on a USB drive and drop it in a parking lot for some unsuspecting office worker to pick up and plug in. Or you can turn an operating system’s features against itself, strategically manipulating them to gain […]
The first thing you should read about cybersecurity this week, if you somehow haven’t already, is this in-depth look at Olympic Destroyer, the malware that plagued the Pyeongchang Olympics. An excerpt from WIRED senior writer Andy Greenberg’s upcoming book Sandworm, the feature from our November issue details how investigators figured out who was behind the […]
Last October, as Facebook grappled with the fallout from the Cambridge Analytica scandal, Apple CEO Tim Cook gave a speech in Brussels in which he sought to distance the iPhone maker from its peers. Cook railed against the “data industrial complex,” and chastised companies like Google and Facebook for collecting personal information from users and […]
The Department of Justice said today that it has taken down the massive dark web child-porn site Welcome to Video. The site generated and distributed exploitative content, and had infrastructure in place that could have supported up to a million users. In a press conference this morning, US attorney Jessie Liu called it “one of […]
In the wake of extensive mishandling of user data and a series of security missteps, Facebook has deployed a number of security and privacy initiatives. A key focus: expanding its long-standing bug bounty program. Now Facebook is courting outside hackers more aggressively than ever. Last year, the company began paying bounties for certain bugs researchers […]
The past week brought a heaping helping of not so comforting cybersecurity news, starting with President Donald Trump’s apparent plans to pull out of the Cold War-era Open Skies treaty. We explained why that would be as bad an idea as it sounds. But that’s just for starters. We also took a look at how […]
The theme of this week is by now a familiar one: “Things keep getting worse.” Starting with the security of countless so-called real time operating systems that all share some variation on the same decades-old code. That makes them all vulnerable to the set of Urgent/11 vulnerabilities we had reported on just the other week. […]
A whistleblower complaint about a potentially coercive phone call President Donald Trump had in July with Ukrainian president Volodymyr Zelensky led to a congressional hearing and full-on impeachment inquiry this week. At one point in the call, Trump brought up the cybersecurity incident response firm Crowdstrike, indicating that he still doesn’t believe the US intelligence […]
In three short years, the Defcon Voting Village has gone from a radical hacking project to a stalwart that surfaces voting machine security issues. This afternoon, its organizers released findings from this year’s event—including urgent vulnerabilities from a decade ago that still plague voting machines currently in use. Voting Village participants have confirmed the persistence […]
In April, Cloudflare, the internet infrastructure giant, launched a security- and speed-focused mobile VPN called Warp. The idea was to offer a sleek, streamlined alternative to the buggy, laggy, generally frustrating options that make up most of the mobile VPN market. But things with Warp didn’t go as planned. In fact, the original release had […]